The Cyberthreat, Government Network Operations, and the Fourth Amendment

Many corporations have intrusion-prevention systems on their computers’ connections to the Internet. These systems scan the contents and metadata of incoming communications for malicious code that might facilitate a cyber attack, and take steps to thwart it. The United States government will have a similar system in place soon. But public and private intrusion-prevention systems are uncoordinated, and most firms and individual users lack such systems. This is one reason why the national communications network is swarming with known malicious cyber agents that raise the likelihood of an attack on a critical infrastructure system that could cripple our economic or military security.

To meet this threat, imagine that sometime in the near future the government mandates the use of a government-coordinated intrusion-prevention system throughout the domestic network to monitor all communications, including private ones. Imagine, more concretely, that this system requires the National Security Agency to work with private firms in the domestic communication network to collect, copy, share, and analyze the content and metadata of all communications for indicators of possible computer attacks, and to take real-time steps to prevent such attacks.

This scenario, I argue in this essay, is one end point of government programs that are already up and running. It is where the nation might be headed, though perhaps not before we first suffer a catastrophic cyber attack that will spur the government to take these steps. Such a program would be controversial. It would require congressional approval and in particular would require mechanisms that credibly establish that the NSA is not using extraordinary access to the private network for pernicious ends. But with plausible assumptions, even such an aggressive program could be deemed consistent with the U.S. Constitution, including the Fourth Amendment.